O20 - HKLM Winlogon: Shell - (C:\WINDOWS\Nail.exe) - File not found
I am sending the entire contents for OTL.txt:
OTL logfile created on: 8/2/2012 10:11:16 AM - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Documents and Settings\BHS3\My Documents\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
767.01 Mb Total Physical Memory | 208.36 Mb Available Physical Memory | 27.16% Memory free
1.08 Gb Paging File | 0.59 Gb Available in Paging File | 54.56% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 18.59 Gb Total Space | 0.47 Gb Free Space | 2.55% Space Free | Partition Type: NTFS
Drive Z: | 14.88 Gb Total Space | 10.24 Gb Free Space | 68.85% Space Free | Partition Type: NTFS
Computer Name: DELL1 | User Name: bhs3 | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/08/02 10:10:03 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\BHS3\My Documents\Downloads\OTL.exe
PRC - [2012/07/03 12:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/06/06 21:33:42 | 001,564,872 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2001/09/24 08:59:00 | 000,073,728 | ---- | M] (Symantec Corporation) -- C:\Program Files\NavNT\vptray.exe
========== Modules (No Company Name) ==========
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Unknown] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012/07/03 12:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Unknown] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/05/17 09:20:33 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Unknown] -- C:\WINDOWS\SYSTEM32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2004/08/04 03:56:46 | 000,089,088 | ---- | M] (Microsoft Corporation) [Unknown (-1) | Unknown] -- C:\WINDOWS\SYSTEM32\WBEM\wmiaprpl.dll -- (WmiApRpl)
SRV - [2001/09/24 08:59:00 | 000,454,656 | ---- | M] (Symantec Corporation) [Auto | Unknown] -- C:\Program Files\NavNT\rtvscan.exe -- (Norton AntiVirus Server)
SRV - [2001/09/24 08:59:00 | 000,032,768 | ---- | M] (Symantec Corporation) [Auto | Unknown] -- C:\Program Files\NavNT\defwatch.exe -- (DefWatch)
SRV - [2001/08/10 15:14:14 | 000,192,512 | ---- | M] (Roxio Inc.) [On_Demand | Unknown] -- C:\WINDOWS\SYSTEM32\ImapiRox.exe -- (ImapiService)
SRV - [2001/08/09 20:18:30 | 000,064,512 | -H-- | M] (America Online, Inc.) [Auto | Unknown] -- C:\WINDOWS\SYSTEM32\PackethSvc.exe -- (PackethSvc)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Unknown] -- -- (PCIDump)
DRV - File not found [Kernel | System | Unknown] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Unknown] -- -- (Changer)
DRV - [2012/07/03 12:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Unknown] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/07/03 12:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Unknown] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/07/03 12:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Unknown] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/07/03 12:21:53 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Unknown] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/07/03 12:21:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Unknown] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012/07/03 12:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Unknown] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/07/03 12:21:52 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Unknown] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/10/17 21:00:00 | 001,371,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Unknown] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20101018.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/10/17 21:00:00 | 000,086,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Unknown] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20101018.002\NAVENG.SYS -- (NAVENG)
DRV - [2004/08/04 03:56:46 | 000,089,088 | ---- | M] (Microsoft Corporation) [Unknown (-1) | Unknown (-1) | Unknown] -- C:\WINDOWS\SYSTEM32\WBEM\wmiaprpl.dll -- (WmiApRpl)
DRV - [2002/01/31 08:21:57 | 000,055,216 | ---- | M] (Roxio) [Kernel | System | Unknown] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2002/01/31 08:21:57 | 000,022,713 | ---- | M] (Roxio) [Kernel | System | Unknown] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2001/12/04 11:26:04 | 000,032,256 | ---- | M] (DAVICOM Semiconductor, Inc. ) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\SYSTEM32\DRIVERS\DM9PCI5.SYS -- (DM9102)
DRV - [2001/09/24 08:59:00 | 000,176,208 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\Program Files\NavNT\navap.sys -- (NAVAP)
DRV - [2001/09/24 08:59:00 | 000,009,232 | ---- | M] () [Kernel | Auto | Unknown] -- C:\Program Files\NavNT\Navapel.sys -- (NAVAPEL)
DRV - [2001/09/24 04:29:00 | 000,057,696 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Unknown] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2001/09/10 12:43:46 | 000,205,824 | ---- | M] (Roxio) [File_System | System | Unknown] -- C:\WINDOWS\System32\drivers\udfreadr_xp.sys -- (UdfReadr_xp)
DRV - [2001/09/04 18:37:08 | 000,233,344 | ---- | M] (Roxio) [File_System | System | Unknown] -- C:\WINDOWS\System32\drivers\cdudf_xp.sys -- (cdudf_xp)
DRV - [2001/09/04 17:39:50 | 000,017,990 | ---- | M] (Roxio) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K)
DRV - [2001/09/04 17:39:40 | 000,019,702 | ---- | M] (Roxio) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K)
DRV - [2001/09/04 17:39:28 | 000,078,454 | ---- | M] (Roxio) [Kernel | System | Unknown] -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2K)
DRV - [2001/08/31 02:40:30 | 000,282,688 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtaa.sys -- (ati2mtaa)
DRV - [2001/08/17 15:52:24 | 000,038,144 | ---- | M] (HighPoint Technologies, Inc.) [Kernel | Disabled | Unknown] -- C:\WINDOWS\SYSTEM32\DRIVERS\HPT3XX.SYS -- (hpt3xx)
DRV - [2001/08/17 14:50:26 | 000,731,648 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\SYSTEM32\DRIVERS\NV4.SYS -- (nv4)
DRV - [2001/08/17 14:48:52 | 000,281,856 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mpaa.sys -- (ati2mpaa)
DRV - [2001/08/17 14:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90XBC)
DRV - [2001/08/09 18:25:22 | 000,022,608 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\SYSTEM32\DRIVERS\wandrv.sys -- (wandrv)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drs...esearch.cgi?id=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drs...esearch.cgi?id=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Search
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drs...esearch.cgi?id=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://websearch.drs...esearch.cgi?id=
IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\w, = http://www.google.com/
IE - HKLM\..\SearchScopes,DefaultScope = {56256A51-B582-467e-B8D4-7786EDA79AE0}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://smbusiness.dellnet.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://smbusiness.dellnet.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {56256A51-B582-467e-B8D4-7786EDA79AE0}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.1879: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.1939: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.872: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\BHS3\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\BHS3\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
========== Chrome ==========
CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\BHS3\Local Settings\Application Data\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\BHS3\Local Settings\Application Data\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\BHS3\Local Settings\Application Data\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\BHS3\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - Extension: YouTube = C:\Documents and Settings\BHS3\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\BHS3\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\BHS3\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
CHR - Extension: Gmail = C:\Documents and Settings\BHS3\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2001/08/18 09:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll (Google Inc.)
O2 - BHO: (no name) - {B195B3B3-8A05-11D3-97A4-0004ACA6948E} - No CLSID value found.
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {B195B3B3-8A05-11D3-97A4-0004ACA6948E} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [farmmext] C:\WINDOWS\farmmext.exe File not found
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [vptray] C:\Program Files\NavNT\vptray.exe (Symantec Corporation)
O4 - HKLM..\Run: [WeatherOnTray] C:\Program Files\Hotbar\bin\4.5.1.0\WeatherOnTray.exe File not found
O4 - HKLM..\RunOnce: [aswAhAScr.dll] C:\Program Files\AVAST Software\Avast\aswRegSvr.exe (AVAST Software)
O4 - HKLM..\RunOnce: [aswasOutExt.dll] C:\Program Files\AVAST Software\Avast\aswRegSvr.exe (AVAST Software)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {00000075-9980-0010-8000-00AA00389B71} http://codecs.micros...i386/voxacm.CAB (Reg Error: Key error.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} https://office.webmd...criptX/smsx.cab (MeadCo ScriptX)
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540013} http://adserver.shar...ver/Install.cab (CInstall Class)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://codecs.micros...386/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} http://software-dl.r...ip/RdxIE601.cab (RdxIE Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1133973176480 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1133973144528 (MUWebControl Class)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupd...7306.6394791667 (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} http://pdl.stream.ao.../ampx_en_dl.cab (IWinAmpActiveX Class)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.130.40.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = koinonia.org
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6B0A1A0F-5D7B-455C-BF43-2C01BB6DA568}: DhcpNameServer = 10.111.33.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C6DA18CC-18CC-43A6-B0EB-53F7D8218501}: DhcpNameServer = 10.130.40.2
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (C:\WINDOWS\Nail.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - (C:\WINDOWS\System32\NavLogon.dll) - C:\WINDOWS\SYSTEM32\NavLogon.dll ()
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001/08/31 15:00:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2069/02/28 17:07:16 | 000,139,264 | ---- | C] (Intuit, Inc.) -- C:\Program Files\QBSyncUI.dll
[2069/02/28 17:07:16 | 000,098,304 | ---- | C] (Intuit, Inc.) -- C:\Program Files\QBSyncBridge.dll
[2069/02/28 17:07:14 | 000,222,312 | ---- | C] (Intuit, Inc.) -- C:\Program Files\NAAuthTool.dll
[2069/02/28 17:07:14 | 000,200,704 | ---- | C] (Intuit, Inc.) -- C:\Program Files\msgDBAddIn.dll
[2069/02/28 17:07:14 | 000,147,456 | ---- | C] (Intuit, Inc.) -- C:\Program Files\MerchantCard.dll
[2069/02/28 17:06:54 | 001,331,254 | ---- | C] (Intuit, Inc.) -- C:\Program Files\QBINTR32.DLL
[2069/02/28 17:06:54 | 001,028,149 | ---- | C] (Intuit, Inc.) -- C:\Program Files\qblist32.DLL
[2069/02/28 17:06:54 | 000,217,142 | ---- | C] (Intuit, Inc.) -- C:\Program Files\qbmsintg.DLL
[2069/02/28 17:06:54 | 000,090,112 | ---- | C] (Intuit, Inc.) -- C:\Program Files\QBITools.dll
[2069/02/28 17:06:52 | 000,499,760 | ---- | C] (Intuit, Inc.) -- C:\Program Files\PREFS.DLL
[2069/02/28 17:06:52 | 000,159,790 | ---- | C] (Intuit, Inc.) -- C:\Program Files\QBA32.DLL
[2069/02/28 17:06:52 | 000,098,357 | ---- | C] (Intuit, Inc.) -- C:\Program Files\QBATTR32.DLL
[2067/11/08 21:41:28 | 003,207,168 | ---- | C] (Intuit, Inc.) -- C:\Program Files\sdkqbimpl.dll
[2012/07/13 13:13:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BHS3\My Documents\Downloads
[2012/07/13 13:09:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BHS3\Application Data\Macromedia
[2012/07/13 13:09:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BHS3\Application Data\Adobe
[2012/07/05 10:23:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2006/12/20 14:34:17 | 000,598,072 | ---- | C] (Intuit, Inc.) -- C:\Program Files\EfpOfxGen.DLL
[2006/12/20 14:34:17 | 000,262,200 | ---- | C] (Intuit, Inc.) -- C:\Program Files\EfpOfxDao.DLL
[2005/10/28 12:42:54 | 000,036,864 | ---- | C] (Intuit, Inc.) -- C:\Program Files\MktPopAddinG.dll
[2005/10/25 15:21:10 | 000,094,208 | ---- | C] (Intuit, Inc.) -- C:\Program Files\xengine.dll
[2005/10/25 15:21:04 | 000,114,741 | ---- | C] (Intuit, Inc.) -- C:\Program Files\pr2frm32.usa
[2005/10/25 15:19:49 | 000,135,168 | ---- | C] (Intuit, Inc.) -- C:\Program Files\RcvPmtRequestHandler.dll
[2005/10/25 15:19:49 | 000,081,920 | ---- | C] (Intuit, Inc.) -- C:\Program Files\StatusRequestHandler.dll
[2005/10/25 15:19:49 | 000,081,920 | ---- | C] (Intuit, Inc.) -- C:\Program Files\QBXLAdin.dll
[2005/10/25 15:19:48 | 000,319,488 | ---- | C] (Intuit, Inc.) -- C:\Program Files\SendForms.dll
[2005/10/25 15:19:48 | 000,159,744 | ---- | C] (Intuit, Inc.) -- C:\Program Files\ShoeBox.dll
[2005/10/25 15:19:48 | 000,045,056 | ---- | C] (Intuit, Inc.) -- C:\Program Files\TaxAlertsECL.dll
[2005/10/25 15:19:47 | 000,172,032 | ---- | C] (Intuit, Inc.) -- C:\Program Files\QBXMLRP.dll
[2005/10/25 15:19:47 | 000,024,576 | ---- | C] (Intuit, Inc.) -- C:\Program Files\sdkevent.dll
[2005/10/25 15:19:46 | 002,654,208 | ---- | C] (Intuit Inc.) -- C:\Program Files\qwutil7.dll
[2005/10/25 15:19:46 | 000,258,048 | ---- | C] (Intuit, Inc.) -- C:\Program Files\sdkutil.dll
[2005/10/25 15:19:46 | 000,024,576 | ---- | C] (Intuit Inc.) -- C:\Program Files\qversion.dll
[2005/10/25 15:19:44 | 001,955,328 | ---- | C] (Puma Technology, Inc.) -- C:\Program Files\ilxolk.fil
[2005/10/25 15:19:44 | 000,415,744 | ---- | C] (Puma Technology, Inc.) -- C:\Program Files\ilxact3.fil
[2005/10/25 15:19:43 | 001,627,280 | ---- | C] (Intuit, Inc.) -- C:\Program Files\QBW32.EXE
[2005/10/25 15:19:43 | 000,224,768 | ---- | C] (Puma Technology, Inc.) -- C:\Program Files\support.exe
[2005/10/25 15:19:42 | 000,479,232 | ---- | C] (Intuit) -- C:\Program Files\techhelp.exe
[2005/10/25 15:19:41 | 001,568,768 | ---- | C] (Apache Software Foundation) -- C:\Program Files\xerces-c_1_7_0.dll
[2005/10/25 15:19:41 | 000,143,360 | ---- | C] (Connected Corporation) -- C:\Program Files\OLBService.DLL
[2005/10/25 15:19:40 | 000,663,595 | ---- | C] (Intuit, Inc.) -- C:\Program Files\skucore.dll
[2005/10/25 15:19:40 | 000,192,512 | ---- | C] (Intuit Inc.) -- C:\Program Files\qbwpsrun.dll
[2005/10/25 15:19:39 | 003,375,167 | ---- | C] (Intuit, Inc.) -- C:\Program Files\sdkdatabind.DLL
[2005/10/25 15:19:39 | 000,196,608 | ---- | C] (Intuit, Inc.) -- C:\Program Files\sdkcore.dll
[2005/10/25 15:19:39 | 000,010,752 | ---- | C] (Puma Technology, Inc.) -- C:\Program Files\Ilxact3res.dll
[2005/10/25 15:19:38 | 001,466,420 | ---- | C] (Intuit, Inc.) -- C:\Program Files\TXNFORM.DLL
[2005/10/25 15:19:37 | 000,852,010 | ---- | C] (Intuit, Inc.) -- C:\Program Files\ui.DLL
[2005/10/25 15:19:37 | 000,618,548 | ---- | C] (Intuit, Inc.) -- C:\Program Files\txncore.DLL
[2005/10/25 15:19:36 | 000,627,200 | ---- | C] (Puma Technology, Inc.) -- C:\Program Files\iltif32.dll
[2005/10/25 15:19:36 | 000,339,968 | ---- | C] (Puma Technology, Inc.) -- C:\Program Files\ilx32.dll
[2005/10/25 15:19:36 | 000,188,416 | ---- | C] (Puma Technology, Inc.) -- C:\Program Files\ilxolk_aux.dll
[2005/10/25 15:19:36 | 000,161,280 | ---- | C] (Puma Technology) -- C:\Program Files\tifsdk.dll
[2005/10/25 15:19:36 | 000,155,648 | ---- | C] (Wintertree Software Inc.) -- C:\Program Files\ssce5232.DLL
[2005/10/25 15:19:35 | 001,276,928 | ---- | C] (Puma Technology, Inc.) -- C:\Program Files\ilsync.dll
[2005/10/25 15:19:35 | 000,232,960 | ---- | C] (Puma Technology, Inc.) -- C:\Program Files\ilchoose.dll
[2005/10/25 15:19:35 | 000,041,984 | ---- | C] (Intuit) -- C:\Program Files\Qfnglu32.dll
[2005/10/25 15:19:35 | 000,041,472 | ---- | C] (Intuit) -- C:\Program Files\iprof32.dll
[2005/10/25 15:19:35 | 000,020,480 | ---- | C] (Intuit) -- C:\Program Files\qwenc.dll
[2005/10/25 15:19:34 | 003,477,554 | ---- | C] (Intuit, Inc.) -- C:\Program Files\QBWIN32.DLL
[2005/10/25 15:19:32 | 000,454,710 | ---- | C] (Intuit, Inc.) -- C:\Program Files\TRACKING.DLL
[2005/10/25 15:19:31 | 001,232,942 | ---- | C] (Intuit, Inc.) -- C:\Program Files\TEJ32.DLL
[2005/10/25 15:19:30 | 000,602,112 | ---- | C] (Intuit Inc.) -- C:\Program Files\Qdb.dll
[2005/10/25 15:19:30 | 000,180,224 | ---- | C] (Intuit Inc.) -- C:\Program Files\qdbbase.dll
[2005/10/25 15:19:28 | 002,981,941 | ---- | C] (Intuit, Inc.) -- C:\Program Files\QBWRPT32.DLL
[2005/10/25 15:19:27 | 000,348,208 | ---- | C] (Intuit, Inc.) -- C:\Program Files\qbwpr32.DLL
[2005/10/25 15:18:48 | 000,189,392 | ---- | C] (AMYUNI Consultants - AMYUNI Technologies
http://www.amyuni.com) -- C:\Program Files\acfpdf.dll
[2005/10/25 15:18:48 | 000,123,017 | ---- | C] (AMYUNI Consultants - AMYUNI Technologies
http://www.amyuni.com) -- C:\Program Files\acfpdfu.dll
[2005/10/25 15:18:47 | 000,339,968 | ---- | C] (AMYUNI Consultants
http://www.amyuni.com) -- C:\Program Files\cdintf.dll
[2005/10/25 15:18:47 | 000,210,464 | ---- | C] (AMYUNI Consultants - AMYUNI Technologies
http://www.amyuni.com) -- C:\Program Files\acfpdf.drv
[2005/10/25 15:18:47 | 000,072,720 | ---- | C] (AMYUNI Consultants
http://www.amyuni.com) -- C:\Program Files\acfpdfui.dll
[2005/02/28 17:07:16 | 000,308,328 | ---- | C] (Intuit, Inc.) -- C:\Program Files\QBPrefs.dll
[2005/02/28 17:07:16 | 000,221,184 | ---- | C] (Intuit, Inc.) -- C:\Program Files\NetworkAdapterManager.dll
[2005/02/28 17:07:16 | 000,204,849 | ---- | C] (Intuit, Inc.) -- C:\Program Files\QBSetupWizard.dll
[2005/02/28 17:07:16 | 000,122,880 | ---- | C] (Intuit, Inc.) -- C:\Program Files\QBInbox.dll
[2005/02/28 17:07:16 | 000,069,685 | ---- | C] (Intuit) -- C:\Program Files\QBConnectorBridge.dll
[2005/02/28 17:07:16 | 000,028,718 | ---- | C] (Intuit, Inc.) -- C:\Program Files\QBCMIAddin.dll
[2005/02/28 17:07:14 | 000,824,424 | ---- | C] (Intuit, Inc.) -- C:\Program Files\ecredit.dll
[2005/02/28 17:07:14 | 000,098,304 | ---- | C] (Intuit, Inc.) -- C:\Program Files\ICWrapper.dll
[2005/02/28 17:07:14 | 000,036,864 | ---- | C] (Intuit) -- C:\Program Files\ExcelPayrollDataSource.dll
[2005/02/28 17:07:04 | 001,105,973 | ---- | C] (Intuit, Inc.) -- C:\Program Files\qbtool32.DLL
[2005/02/28 17:07:04 | 001,056,820 | ---- | C] (Intuit, Inc.) -- C:\Program Files\qbtxn32.DLL
[2005/02/28 17:07:04 | 000,585,779 | ---- | C] (Intuit, Inc.) -- C:\Program Files\QBSTYL32.DLL
[2005/02/28 17:07:04 | 000,323,584 | ---- | C] (Intuit, Inc.) -- C:\Program Files\QBQWUT32.dll
[2005/02/28 17:07:04 | 000,077,884 | ---- | C] (Intuit, Inc.) -- C:\Program Files\QBSDKNotify.DLL
[2005/02/28 17:07:02 | 006,914,100 | ---- | C] (Intuit, Inc.) -- C:\Program Files\qbpay32.DLL
[2005/02/28 17:06:56 | 002,109,492 | ---- | C] (Intuit, Inc.) -- C:\Program Files\QBONLI32.DLL
[2005/02/28 17:06:54 | 000,761,907 | ---- | C] (Intuit, Inc.) -- C:\Program Files\qbform32.DLL
[2005/02/28 17:06:54 | 000,655,413 | ---- | C] (Intuit, Inc.) -- C:\Program Files\QBCONV32.DLL
[2005/02/28 17:06:54 | 000,241,717 | ---- | C] (Intuit, Inc.) -- C:\Program Files\qbbrow32.DLL
[2005/02/28 17:06:52 | 001,441,846 | ---- | C] (Intuit, Inc.) -- C:\Program Files\FEATURES.DLL
[2005/02/28 17:06:52 | 000,606,260 | ---- | C] (Intuit, Inc.) -- C:\Program Files\APPCORE.DLL
[2005/02/28 17:06:52 | 000,221,234 | ---- | C] (Intuit, Inc.) -- C:\Program Files\ELCORE.DLL
[2005/02/28 17:06:52 | 000,024,628 | ---- | C] (Intuit, Inc.) -- C:\Program Files\DataRec.DLL
[2003/05/27 18:09:32 | 000,246,424 | ---- | C] (Microsoft Corporation) -- C:\Program Files\unicows.dll
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/08/02 10:23:00 | 000,000,242 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012/08/02 10:03:17 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/08/02 09:43:08 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012/08/02 09:35:13 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3234824724-3335595928-1885564740-1186UA.job
[2012/08/02 09:12:44 | 000,311,604 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2012/08/02 09:12:44 | 000,039,992 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2012/08/02 09:09:18 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2012/08/02 09:09:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2012/08/02 09:09:14 | 804,339,712 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/26 10:35:03 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3234824724-3335595928-1885564740-1186Core.job
[2012/07/19 09:43:33 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/07/05 14:08:02 | 000,002,483 | ---- | M] () -- C:\Documents and Settings\BHS3\Desktop\Microsoft Word.lnk
[2012/07/03 12:21:54 | 000,054,232 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012/07/03 12:21:53 | 000,721,000 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/07/03 12:21:53 | 000,353,688 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012/07/03 12:21:53 | 000,097,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012/07/03 12:21:53 | 000,089,624 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012/07/03 12:21:53 | 000,035,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012/07/03 12:21:53 | 000,021,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/07/03 12:21:52 | 000,025,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/07/03 12:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012/07/03 12:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2069/02/28 17:07:18 | 000,913,655 | ---- | C] () -- C:\Program Files\core.chm
[2069/02/28 17:07:18 | 000,315,526 | ---- | C] () -- C:\Program Files\Payroll.chm
[2069/02/28 17:07:18 | 000,170,340 | ---- | C] () -- C:\Program Files\Payroll.lim
[2069/02/28 17:07:18 | 000,137,236 | ---- | C] () -- C:\Program Files\core2.chm
[2069/02/28 17:07:18 | 000,112,899 | ---- | C] () -- C:\Program Files\PayCPS.chm
[2069/02/28 17:07:18 | 000,079,025 | ---- | C] () -- C:\Program Files\core2.lim
[2069/02/28 17:07:18 | 000,070,576 | ---- | C] () -- C:\Program Files\PayCPS.lim
[2069/02/28 17:06:56 | 000,307,200 | ---- | C] () -- C:\Program Files\qbot.dll
[2069/02/28 17:06:54 | 001,810,483 | ---- | C] () -- C:\Program Files\QBOESD32.DLL
[2069/02/28 17:06:54 | 000,315,446 | ---- | C] () -- C:\Program Files\QBINSTAL.DLL
[2069/02/28 17:06:54 | 000,020,534 | ---- | C] () -- C:\Program Files\QBMFCT32.DLL
[2069/02/28 17:06:52 | 001,445,888 | ---- | C] () -- C:\Program Files\printeng.dll
[2069/02/28 17:06:50 | 000,233,544 | ---- | C] () -- C:\Program Files\QBConnector.fil
[2069/02/28 17:06:48 | 000,139,264 | ---- | C] () -- C:\Program Files\AutoBackupEXE.exe
[2067/05/27 18:09:32 | 000,020,561 | ---- | C] () -- C:\Program Files\ratetopic.chm
[2067/05/27 18:09:20 | 000,121,731 | ---- | C] () -- C:\Program Files\coa1120.iif
[2067/05/27 18:09:20 | 000,121,332 | ---- | C] () -- C:\Program Files\coa1065.iif
[2067/05/27 18:09:20 | 000,121,330 | ---- | C] () -- C:\Program Files\coa1120s.iif
[2067/05/27 18:09:20 | 000,120,875 | ---- | C] () -- C:\Program Files\coa1040.iif
[2067/05/27 18:09:20 | 000,117,878 | ---- | C] () -- C:\Program Files\coa_us.iif
[2067/05/27 18:09:20 | 000,089,026 | ---- | C] () -- C:\Program Files\coa_scd.iif
[2067/05/27 18:09:20 | 000,072,248 | ---- | C] () -- C:\Program Files\coa_can.iif
[2067/05/27 18:09:20 | 000,063,493 | ---- | C] () -- C:\Program Files\qbxmlops21.dtd
[2067/05/27 18:09:20 | 000,060,250 | ---- | C] () -- C:\Program Files\qbxml21.dtd
[2067/05/27 18:09:20 | 000,020,922 | ---- | C] () -- C:\Program Files\UCOA.IIF
[2067/05/27 18:09:20 | 000,005,111 | ---- | C] () -- C:\Program Files\qbxmlso21.dtd
[2012/07/19 09:43:31 | 000,000,316 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012/07/05 14:07:32 | 000,002,483 | ---- | C] () -- C:\Documents and Settings\BHS3\Desktop\Microsoft Word.lnk
[2006/12/20 15:18:33 | 000,290,008 | ---- | C] () -- C:\Program Files\CORE.chw
[2006/12/20 14:34:17 | 000,000,092 | ---- | C] () -- C:\Program Files\efpofx.ini
[2006/12/20 14:24:36 | 000,000,089 | ---- | C] () -- C:\Program Files\QBUpdateUtility.bat
[2005/11/16 13:58:16 | 000,002,582 | ---- | C] () -- C:\Program Files\QBPRINT.QBP
[2005/10/29 02:37:26 | 000,147,456 | ---- | C] () -- C:\Program Files\mbpopup.dll
[2005/10/29 02:37:26 | 000,004,085 | ---- | C] () -- C:\Program Files\vocsurvey2005.html
[2005/10/29 02:37:26 | 000,001,441 | ---- | C] () -- C:\Program Files\vocsurvey2005.css
[2005/10/29 02:37:26 | 000,000,498 | ---- | C] () -- C:\Program Files\mbpopup.qbot
[2005/10/29 02:37:25 | 000,773,814 | ---- | C] () -- C:\Program Files\FAQHelp.chm
[2005/10/29 02:37:25 | 000,436,980 | ---- | C] () -- C:\Program Files\FAQHelp.lim
[2005/10/28 12:43:09 | 000,000,256 | ---- | C] () -- C:\Program Files\mktpatch.bat
[2005/10/28 12:43:00 | 000,000,032 | ---- | C] () -- C:\Program Files\QBOnlineReg.dat
[2005/10/28 12:42:54 | 000,045,056 | ---- | C] () -- C:\Program Files\mktpatch.exe
[2005/10/28 12:42:54 | 000,000,272 | ---- | C] () -- C:\Program Files\mktpop.qbot
[2005/10/25 15:32:53 | 000,002,261 | ---- | C] () -- C:\Program Files\qbbackup.sys
[2005/10/25 15:21:18 | 000,053,248 | ---- | C] () -- C:\Program Files\askforcd.exe
[2005/10/25 15:21:12 | 000,009,579 | ---- | C] () -- C:\Program Files\regqb.dat
[2005/10/25 15:21:12 | 000,009,325 | ---- | C] () -- C:\Program Files\reboot.bat
[2005/10/25 15:21:12 | 000,000,870 | ---- | C] () -- C:\Program Files\QBW.INI
[2005/10/25 15:21:11 | 003,524,608 | ---- | C] () -- C:\Program Files\sample_product-based business.qbw
[2005/10/25 15:21:11 | 002,456,576 | ---- | C] () -- C:\Program Files\sample_service-based business.qbw
[2005/10/25 15:21:06 | 000,144,791 | ---- | C] () -- C:\Program Files\qpstbl2.usa
[2005/10/25 15:21:06 | 000,073,648 | ---- | C] () -- C:\Program Files\qbma2224.1pa
[2005/10/25 15:21:06 | 000,024,629 | ---- | C] () -- C:\Program Files\tx2for32.USA
[2005/10/25 15:21:06 | 000,021,830 | ---- | C] () -- C:\Program Files\qb_ps_logo.gif
[2005/10/25 15:21:06 | 000,019,884 | ---- | C] () -- C:\Program Files\qbma2201.1pa
[2005/10/25 15:21:06 | 000,012,903 | ---- | C] () -- C:\Program Files\qbma2301.1pa
[2005/10/25 15:21:06 | 000,004,793 | ---- | C] () -- C:\Program Files\qbma2112.1pa
[2005/10/25 15:21:05 | 000,013,439 | ---- | C] () -- C:\Program Files\qbma3001.1pa
[2005/10/25 15:21:04 | 000,086,296 | ---- | C] () -- C:\Program Files\ttchange.htm
[2005/10/25 15:21:04 | 000,025,431 | ---- | C] () -- C:\Program Files\qbma2412.1pa
[2005/10/25 15:21:04 | 000,018,843 | ---- | C] () -- C:\Program Files\qbma2901.1pa
[2005/10/25 15:21:04 | 000,008,345 | ---- | C] () -- C:\Program Files\payrollupdate.htm
[2005/10/25 15:21:04 | 000,003,449 | ---- | C] () -- C:\Program Files\shareupdate.htm
[2005/10/25 15:21:04 | 000,001,153 | ---- | C] () -- C:\Program Files\qbmfs.1pa
[2005/10/25 15:21:03 | 000,008,840 | ---- | C] () -- C:\Program Files\qbma2403.1pa
[2005/10/25 15:19:58 | 000,347,952 | ---- | C] () -- C:\Program Files\VM.chm
[2005/10/25 15:19:58 | 000,263,201 | ---- | C] () -- C:\Program Files\VM.lim
[2005/10/25 15:19:58 | 000,198,947 | ---- | C] () -- C:\Program Files\Pro.chm
[2005/10/25 15:19:58 | 000,106,678 | ---- | C] () -- C:\Program Files\logo.bmp
[2005/10/25 15:19:58 | 000,087,437 | ---- | C] () -- C:\Program Files\Pro.lim
[2005/10/25 15:19:58 | 000,000,321 | ---- | C] () -- C:\Program Files\QBTAXPRT.ini
[2005/10/25 15:19:58 | 000,000,196 | ---- | C] () -- C:\Program Files\qbf5a86r.dat
[2005/10/25 15:19:58 | 000,000,038 | ---- | C] () -- C:\Program Files\UserDictionary.tlx
[2005/10/25 15:19:58 | 000,000,021 | ---- | C] () -- C:\Program Files\qbsdk.ini
[2005/10/25 15:19:47 | 000,040,960 | ---- | C] () -- C:\Program Files\HTMLHelper.DLL
[2005/10/25 15:19:46 | 000,106,496 | ---- | C] () -- C:\Program Files\qcomutil.dll
[2005/10/25 15:19:46 | 000,081,920 | ---- | C] () -- C:\Program Files\regqb.exe
[2005/10/25 15:19:45 | 000,320,892 | ---- | C] () -- C:\Program Files\ssceam2.clx
[2005/10/25 15:19:45 | 000,067,613 | ---- | C] () -- C:\Program Files\qbxmlops.dtd
[2005/10/25 15:19:45 | 000,060,613 | ---- | C] () -- C:\Program Files\qbxmlops20.dtd
[2005/10/25 15:19:45 | 000,055,723 | ---- | C] () -- C:\Program Files\qbxml20.dtd
[2005/10/25 15:19:45 | 000,053,937 | ---- | C] () -- C:\Program Files\qbxmlops11.dtd
[2005/10/25 15:19:45 | 000,041,448 | ---- | C] () -- C:\Program Files\qbxml11.dtd
[2005/10/25 15:19:45 | 000,037,642 | ---- | C] () -- C:\Program Files\qbxml.dtd
[2005/10/25 15:19:45 | 000,021,491 | ---- | C] () -- C:\Program Files\correct.tlx
[2005/10/25 15:19:45 | 000,004,944 | ---- | C] () -- C:\Program Files\QBXMLRP.tlb
[2005/10/25 15:19:45 | 000,004,671 | ---- | C] () -- C:\Program Files\qbxmlso20.dtd
[2005/10/25 15:19:45 | 000,003,631 | ---- | C] () -- C:\Program Files\qbxmlso11.dtd
[2005/10/25 15:19:45 | 000,003,455 | ---- | C] () -- C:\Program Files\qbxmlso.dtd
[2005/10/25 15:19:45 | 000,002,155 | ---- | C] () -- C:\Program Files\accent.tlx
[2005/10/25 15:19:45 | 000,001,646 | ---- | C] () -- C:\Program Files\Qbdtsrc.sys
[2005/10/25 15:19:45 | 000,000,586 | ---- | C] () -- C:\Program Files\InboxMsg.ximt
[2005/10/25 15:19:44 | 000,001,019 | ---- | C] () -- C:\Program Files\qbbbfmns.bbf
[2005/10/25 15:19:44 | 000,000,618 | ---- | C] () -- C:\Program Files\spell.ini
[2005/10/25 15:19:44 | 000,000,079 | ---- | C] () -- C:\Program Files\help_close.gif
[2005/10/25 15:19:43 | 002,259,968 | ---- | C] () -- C:\Program Files\ilsdk.fil
[2005/10/25 15:19:43 | 000,133,004 | ---- | C] () -- C:\Program Files\filters.il
[2005/10/25 15:19:43 | 000,083,874 | ---- | C] () -- C:\Program Files\tables.itb
[2005/10/25 15:19:43 | 000,058,368 | ---- | C] () -- C:\Program Files\ofxroots.crt
[2005/10/25 15:19:43 | 000,007,017 | ---- | C] () -- C:\Program Files\Qbcact.sys
[2005/10/25 15:19:43 | 000,005,500 | ---- | C] () -- C:\Program Files\Qbcqst.sys
[2005/10/25 15:19:43 | 000,003,337 | ---- | C] () -- C:\Program Files\wpr.ini
[2005/10/25 15:19:43 | 000,001,213 | ---- | C] () -- C:\Program Files\Qbcpgs.sys
[2005/10/25 15:19:43 | 000,000,526 | ---- | C] () -- C:\Program Files\iloptcfg.cfg
[2005/10/25 15:19:42 | 000,161,280 | R--- | C] () -- C:\Program Files\qbword.dot
[2005/10/25 15:19:42 | 000,060,444 | ---- | C] () -- C:\Program Files\bustax.scd
[2005/10/25 15:19:42 | 000,029,696 | ---- | C] () -- C:\Program Files\PERWIN97.fam
[2005/10/25 15:19:42 | 000,028,018 | ---- | C] () -- C:\Program Files\quickbooks.qbot
[2005/10/25 15:19:42 | 000,010,240 | ---- | C] () -- C:\Program Files\intuserv.des
[2005/10/25 15:19:42 | 000,010,240 | ---- | C] () -- C:\Program Files\intuprod.des
[2005/10/25 15:19:42 | 000,010,198 | ---- | C] () -- C:\Program Files\qmem.wav
[2005/10/25 15:19:42 | 000,009,216 | ---- | C] () -- C:\Program Files\intustmt.des
[2005/10/25 15:19:42 | 000,009,216 | ---- | C] () -- C:\Program Files\intuprof.des
[2005/10/25 15:19:42 | 000,004,682 | ---- | C] () -- C:\Program Files\qrecord.wav
[2005/10/25 15:19:42 | 000,002,542 | ---- | C] () -- C:\Program Files\qdelete.wav
[2005/10/25 15:19:42 | 000,002,097 | ---- | C] () -- C:\Program Files\Ivpay.iif
[2005/10/25 15:19:42 | 000,000,400 | ---- | C] () -- C:\Program Files\qclick.wav
[2005/10/25 15:19:42 | 000,000,166 | ---- | C] () -- C:\Program Files\Pubkey
[2005/10/25 15:19:41 | 003,043,328 | ---- | C] () -- C:\Program Files\qbwfls32.dll
[2005/10/25 15:19:36 | 004,370,432 | ---- | C] () -- C:\Program Files\qbwps.dll
[2005/10/25 15:19:36 | 000,079,360 | ---- | C] () -- C:\Program Files\zlib32.dll
[2005/10/25 15:19:36 | 000,057,344 | ---- | C] () -- C:\Program Files\WinHelper.dll
[2005/10/25 15:19:36 | 000,028,672 | ---- | C] () -- C:\Program Files\tlstubv5.dll
[2005/10/25 15:19:30 | 000,197,120 | ---- | C] () -- C:\Program Files\Patchw32.dll
[2005/10/25 15:18:47 | 000,118,784 | ---- | C] () -- C:\Program Files\Install.exe
[2005/10/25 15:18:47 | 000,007,691 | ---- | C] () -- C:\Program Files\ssceam.tlx
[2005/10/25 15:18:47 | 000,007,684 | ---- | C] () -- C:\Program Files\License.pdf
[2005/10/25 15:18:47 | 000,000,863 | ---- | C] () -- C:\Program Files\oemsetup.inf
[2005/10/25 15:18:47 | 000,000,079 | ---- | C] () -- C:\Program Files\acfpdf.inf
[2005/02/28 17:07:18 | 000,472,378 | ---- | C] () -- C:\Program Files\core.lim
[2005/02/28 17:07:16 | 000,954,368 | ---- | C] () -- C:\Program Files\QBSetupUtil.dll
[2005/02/28 17:06:54 | 001,253,427 | ---- | C] () -- C:\Program Files\QBCHAO32.DLL
[2005/02/28 17:06:54 | 000,135,218 | ---- | C] () -- C:\Program Files\qbci32.dll
[2005/02/28 17:06:52 | 000,360,504 | ---- | C] () -- C:\Program Files\abmapi.DLL
[2005/02/28 17:06:52 | 000,036,928 | ---- | C] () -- C:\Program Files\FeatureMgr.DLL
[2003/05/27 18:09:32 | 000,307,200 | ---- | C] () -- C:\Program Files\TIUpload.dll
[2003/05/27 18:09:32 | 000,021,169 | ---- | C] () -- C:\Program Files\coa.dat
[2003/05/27 18:09:32 | 000,005,676 | ---- | C] () -- C:\Program Files\qbm3t2.dat
[2003/05/27 18:09:32 | 000,000,264 | ---- | C] () -- C:\Program Files\faqvote.js
[2002/02/19 19:07:19 | 000,002,412 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
========== LOP Check ==========
[2002/01/31 08:24:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\America Online
[2012/06/28 12:17:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2005/12/15 10:54:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
[2005/03/07 11:33:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pribi
[2005/01/13 03:30:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Setup
[2008/10/08 13:14:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/08/02 09:43:08 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2011/09/17 02:00:00 | 000,000,262 | ---- | M] () -- C:\WINDOWS\Tasks\Disk Cleanup.job
[2002/02/19 19:02:41 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\ISP signup reminder 2.job
[2002/02/19 19:02:41 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\ISP signup reminder 3.job
[2012/08/02 10:23:00 | 000,000,242 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:825D5945
< End of report >